TradeTrap: Arbitrary Supply Increase Vulnerability in PolyAI Token Contract

TradeTrap: Arbitrary Supply Increase Vulnerability in PolyAI Token Contract

CVE-2018-12078 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The mintToken function of a smart contract implementation for PolyAI (AI), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

Learn more about our Web Application Penetration Testing UK.